
InvisiRisk Blog Posts


Why Traditional DevOps Security Tools Miss CI/CD Pipeline Attacks
by Tom Hamilton, CTO and Co-Founder, InvisiRisk, Inc.

Key Takeaways: CI/CD pipeline attacks increasingly target build systems and pipeline configuration, not just source code. SCA, SAST, DAST, and IaC tools are still essential, but they do not stop build-time secret exfiltration, build-environment tampering, or runtime abuse inside the pipeline. A Build Application Firewall (BAF) enforces security policies inline during the build by understanding build communications protoco

Tom Hamilton
Mar 17 · 4 min read